Privacy Policy for Pivotsales.ai

Effective Date: July 8, 2025

1. Introduction

Pivotsales.ai ("we", "us", "our") offers AI-powered sales qualification and scheduling tools. We prioritize your privacy and comply with regulations including GDPR, CCPA, UCPA, and LinkedIn Developer Policies. This Policy describes the data we collect, how we use it, and your rights.

By using our Services, you agree to this Policy.

2. Information We Collect

a) Information You Provide

  • Registration: name, email, company, password.

  • Integrations: OAuth tokens, calendar, CRM data, chat transcripts, LinkedIn profile details (name, email, title) when explicitly authorized.

  • Support submissions, feedback, surveys.

b) Automatically Collected Information

  • Device & browser data (IP, OS, device info).

  • Platform usage logs: actions, page visits, timestamps.

  • Cookies, web beacons, tracking pixels for analytics, session handling, and single-sign-on (SSO).

c) LinkedIn Data (via OAuth)

  • Access limited to user-specified scopes.

  • We only collect name, email, title, and profile image, retained only as necessary to deliver Services.

3. Use of Information

  • Provide, operate, and improve Services.

  • Authenticate users and manage sessions.

  • Enable chat/SMS/phone qualification, scheduling, CRM sync, BDR routing.

  • Prevent fraud and enhance platform security.

  • Personalize experience and send feature updates or alerts.

  • Process cookie preferences and email tracking metrics.

  • Comply with legal obligations.

4. Cookies, Web Beacons & Tracking Technologies

  • We use cookies, web beacons (aka tracking pixels or clear GIFs), and similar technologies to manage sessions, collect usage analytics, and support SSO.

  • Email Tracking: Embedded pixels in communications track open/click rates.

  • Users can disable cookies via browser settings and unsubscribe from emails at any time.

5. Sharing & Third‑Party Controllers

  • With Your Consent: Integrations (e.g., CRM, scheduler).

  • Platform Clients: Clients who receive leads or contact data act as separate data controllers.

  • Service Providers: Used for hosting, analytics, email. Bound by confidentiality.

  • Compliance: Shared only if legally required.

  • No Sale or Rental of Personal Data.

6. Subprocessors & International Transfers

We may use third-party subprocessors for infrastructure, analytics, and operations. All subprocessors are under strict confidentiality and security obligations. A list of subprocessors is available upon request.

Where personal data is transferred internationally (e.g., from EEA, UK, or Switzerland), we use safeguards such as Standard Contractual Clauses (SCCs).

7. Data Processing Addendum (DPA)

We provide a DPA upon request to enterprise clients requiring compliance with GDPR, CCPA, or other data protection laws.

8. Automated Decision-Making and Profiling

Some features may use automated logic to qualify or route leads. However, we do not make decisions with legal or similarly significant effects without human oversight.

9. Data Retention & Deletion

  • Account Data: Retained for account life + 2 years, then deleted or anonymized.

  • LinkedIn/OAuth Data: Deleted upon disconnection or user request.

  • Usage Logs: Retained in anonymized form for analytics.

  • User-Initiated Deletion: Contact privacy@pivotsales.ai.

10. Security Measures

  • TLS/SSL encryption.

  • Encrypted OAuth token storage.

  • Role-based access control.

  • Quarterly audits, malware scans, penetration testing.

  • Aligned with SOC 2, GDPR, UCPA standards.

11. Utah UCPA Compliance

Utah residents have the right to:

  • Know if we are processing their data.

  • Access and request a copy of personal data.

  • Request deletion.

  • Opt out of targeted advertising and sale.

  • Explicitly opt in for processing sensitive data.

Requests are processed within 45 days.

12. User Rights & Controls

  • Access & Portability

  • Correction & Deletion

  • Withdraw Consent

  • Marketing & Tracking Opt-Outs

  • Do Not Track (DNT): Not honored but protections are enforced regardless.

13. Children’s Privacy

Our Services are not intended for users under 16. We do not knowingly collect data from minors.

14. Complaints & Authority Contact

If unresolved, you may contact your local data protection authority. Utah residents can file complaints with the Utah Department of Commerce, Division of Consumer Protection.

15. Policy Updates

We may revise this Policy. Material updates will be emailed and posted. Continued use constitutes acceptance.

16. Contact Information

Email: privacy@pivotsales.ai
Address: 200 W Parrish Lane Suite 200, Centerville, UT 84014